This talk will demonstrate how to use Salt Mine leveraging Salt grains to create several environments (parallel universes) that decide how to run the same Salt formulas with different outcomes. "Roles” will be defined in an OpenStack Marconi (queuing as a service) deployment and a few formulas will be shared to demonstrate the concept.
56. Framework / mine / firewall
{%- if 'scope' in minion %}
{%- if minion.scope == 'project' %}
{%- for key, value in salt['mine.get']('project:' +
grains['project'], 'grains.items', expr_form='grain').items() %}
{%- if role in value['roles'] %}
-A INPUT -s {{ key }} -j {{ role|upper }}
…
{%- elif minion.scope == 'environment_id' %}
{%- for key, value in salt['mine.get']('environment_id:' +
grains['environment_id'], 'grains.items', expr_form='grain').items() %}
{%- if role in value['roles'] %}
-A INPUT -s {{ key }} -j {{ role|upper }}
…
59. Framework / mine / zenoss hosts
{%- if 'roles' in grains and 'zenoss_server' in grains['roles'] %}
{%- for key, value in salt['mine.get']('roles:zenoss_server', 'grains.items', expr_form='grain').items()
%}
{%- if value['project'] == pillar['project'] %}
host_{{ value['id'] }}:
host:
- present
- name: {{ value['id'] }}
- ip: {{ salt['mine.get'](value['id'], 'network.ip_addrs').values()[0][1] }}
{%- endif %}
{%- endfor %}
{%- endif %}
60. Summary
• grains
• mark minions (project, purpose, location, role)
• pillar
• to define global rules per role
• salt-mine
• to be able to query minions in the environment
• environments and directory overlay